Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/B66DQLeQQsfCRC70iC9ajM9O9s0.roa
File: B66DQLeQQsfCRC70iC9ajM9O9s0.roa (raw, json)
Hash identifier: 3nVjFsWHA9fLdFTp0YeyDgNahl9IFCyEhT0hobMCyR0=
Subject key identifier: 07:AE:83:40:B7:90:42:C7:C2:44:2E:F4:88:2F:5A:8C:CF:4E:F6:CD
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 019421B1E2AEBAAB6682AC78219DF8BF0B91
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/B66DQLeQQsfCRC70iC9ajM9O9s0.roa
Signing time: Wed 01 Jan 2025 11:48:13 +0000
ROA not before: Wed 01 Jan 2025 11:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 84.239.5.0/24 maxlen: 24
84.239.6.0/24 maxlen: 24
84.239.7.0/24 maxlen: 24
84.239.10.0/24 maxlen: 24
84.239.12.0/24 maxlen: 24
84.239.16.0/24 maxlen: 24
84.239.17.0/24 maxlen: 24
84.239.25.0/24 maxlen: 24
84.239.27.0/24 maxlen: 24
84.239.28.0/24 maxlen: 24
84.239.31.0/24 maxlen: 24
84.239.33.0/24 maxlen: 24
84.239.37.0/24 maxlen: 24
84.239.41.0/24 maxlen: 24
84.239.42.0/24 maxlen: 24
84.239.43.0/24 maxlen: 24
84.239.45.0/24 maxlen: 24
84.239.47.0/24 maxlen: 24
84.239.48.0/24 maxlen: 24
84.239.50.0/24 maxlen: 24
84.239.52.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e2:ae:ba:ab:66:82:ac:78:21:9d:f8:bf:0b:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: Jan 1 11:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07ae8340b79042c7c2442ef4882f5a8ccf4ef6cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:2f:98:af:e0:58:ea:c2:71:5d:48:a4:97:bb:
da:32:06:f9:90:73:03:cb:ff:eb:25:73:61:76:fc:
55:cf:ab:b0:d4:9b:39:0f:c3:67:c6:cc:fd:cf:02:
05:b5:7b:3f:3c:71:98:25:9d:8a:0a:b0:6c:4f:6d:
a0:ca:fd:59:fe:e7:a3:0a:d6:57:0a:59:f9:42:a7:
77:0b:4a:e5:e7:78:d7:b8:20:ff:33:e3:f9:76:3d:
f1:01:64:39:5f:1d:12:ff:d9:a9:57:c7:a1:cc:e2:
67:7b:ea:0d:39:40:64:71:20:ef:c7:38:e5:ac:39:
5e:54:66:fb:94:dc:9d:ec:1f:63:d4:56:e3:98:00:
bf:df:a2:d5:1d:f7:d3:c7:6a:94:f5:f5:d5:da:c7:
02:e5:a5:44:b5:19:b2:7d:c2:f3:79:ee:df:d7:81:
0b:f3:20:92:5c:fc:f4:cd:d1:29:31:49:9a:2e:1a:
25:c0:fa:c8:7d:1f:b3:03:8c:1c:9f:38:20:cf:91:
19:46:20:23:c3:50:e0:d9:9a:3a:ba:73:dd:b1:ba:
26:5c:b9:7c:5f:dd:c5:47:f5:6e:f8:48:c1:e2:36:
99:c6:dd:8a:85:c5:af:3d:51:c7:fb:17:bd:1b:17:
25:70:ba:70:58:d1:e9:57:d3:4a:9e:62:65:78:40:
92:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:AE:83:40:B7:90:42:C7:C2:44:2E:F4:88:2F:5A:8C:CF:4E:F6:CD
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/B66DQLeQQsfCRC70iC9ajM9O9s0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.5.0-84.239.7.255
84.239.10.0/24
84.239.12.0/24
84.239.16.0/23
84.239.25.0/24
84.239.27.0-84.239.28.255
84.239.31.0/24
84.239.33.0/24
84.239.37.0/24
84.239.41.0-84.239.43.255
84.239.45.0/24
84.239.47.0-84.239.48.255
84.239.50.0/24
84.239.52.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:05:d1:9f:87:fa:21:e0:1b:fa:9b:30:eb:d0:01:57:b1:71:
30:60:e1:b3:81:31:97:53:5c:10:b9:4d:7c:69:fb:c4:12:70:
f1:ea:98:e8:33:c6:ce:18:4f:ab:c6:e0:bf:ce:2c:72:fa:25:
7c:7d:fe:5b:8f:0f:c5:47:cc:8c:56:47:7b:a7:fb:bc:7c:0c:
42:75:a7:df:80:f7:31:fd:54:ba:39:a1:74:49:80:1e:a8:24:
62:e9:91:c0:c7:a3:1d:2d:87:f2:9d:e4:d6:b9:08:9d:ba:85:
ee:fa:5a:ba:2b:2f:64:c2:ad:cc:ec:b9:21:6b:4d:48:8d:cb:
da:5a:8f:56:21:b7:ee:40:98:df:54:af:2a:66:9a:b4:a0:11:
ca:d4:5a:6a:29:85:e9:6e:be:8d:9e:a4:ef:c0:d0:3a:cb:b5:
43:dc:e6:ee:ef:8f:ac:e4:aa:cd:ef:a4:bc:f0:bf:cd:8a:15:
cd:e8:98:7e:14:cc:d1:00:94:15:37:1f:d4:bb:cc:ad:ca:34:
31:4e:08:87:b4:8a:5a:1c:9f:22:83:f4:20:66:40:96:21:fb:
f4:dc:f9:5a:bc:00:6e:d5:32:bd:a6:f5:7d:f7:d8:ab:05:34:
64:d6:40:36:4d:08:8c:ad:59:a0:ed:e0:f9:d8:d8:e3:3b:4f:
1a:90:dd:ae
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZQhseKuuqtmgqx4IZ34vwuRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjUwMTAxMTE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2FlODM0MGI3OTA0MmM3YzI0NDJlZjQ4ODJmNWE4Y2NmNGVmNmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8i+Yr+BY6sJxXUikl7vaMgb5kHMD
y//rJXNhdvxVz6uw1Js5D8Nnxsz9zwIFtXs/PHGYJZ2KCrBsT22gyv1Z/uejCtZX
Cln5Qqd3C0rl53jXuCD/M+P5dj3xAWQ5Xx0S/9mpV8ehzOJne+oNOUBkcSDvxzjl
rDleVGb7lNyd7B9j1FbjmAC/36LVHffTx2qU9fXV2scC5aVEtRmyfcLzee7f14EL
8yCSXPz0zdEpMUmaLholwPrIfR+zA4wcnzggz5EZRiAjw1Dg2Zo6unPdsbomXLl8
X93FR/Vu+EjB4jaZxt2KhcWvPVHH+xe9GxclcLpwWNHpV9NKnmJleECSLwIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFAeug0C3kELHwkQu9IgvWozPTvbNMB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvQjY2RFFMZVFRc2ZDUkM3MGlDOWFqTTlPOXMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdDAMAwQAVO8F
AwQDVO8AAwQAVO8KAwQAVO8MAwQBVO8QAwQAVO8ZMAwDBABU7xsDBABU7xwDBABU
7x8DBABU7yEDBABU7yUwDAMEAFTvKQMEAlTvKAMEAFTvLTAMAwQAVO8vAwQAVO8w
AwQAVO8yAwQAVO80MA0GCSqGSIb3DQEBCwUAA4IBAQCPBdGfh/oh4Bv6mzDr0AFX
sXEwYOGzgTGXU1wQuU18afvEEnDx6pjoM8bOGE+rxuC/zixy+iV8ff5bjw/FR8yM
Vkd7p/u8fAxCdaffgPcx/VS6OaF0SYAeqCRi6ZHAx6MdLYfyneTWuQiduoXu+lq6
Ky9kwq3M7Lkha01IjcvaWo9WIbfuQJjfVK8qZpq0oBHK1FpqKYXpbr6NnqTvwNA6
y7VD3Obu74+s5KrN76S88L/NihXN6Jh+FMzRAJQVNx/Uu8ytyjQxTgiHtIpaHJ8i
g/QgZkCWIfv03PlavABu1TK9pvV999irBTRk1kA2TQiMrVmg7eD52NjjO08akN2u
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:20 2025 by rpki-client